Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Join us at Qlik Connect for 3 magical days of learning, networking,and inspiration! REGISTER TODAY and save!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Not applicable
‎2014-09-19 06:57 AM

Programatically assess whether user can access an app

Hi all,

is there an API method I can call that returns whether a user can access (security restrictions) an application?

Thanks,

Shane.

1,825 Views
0 Likes
6 Replies
Not applicable
‎2014-09-19 07:00 AM
Author

I think the Security rule audit is what you are searching like this Let us know how you do.

Please mark the appropriate replies as helpful / correct so our team and other members know that your question(s) has been answered to your satisfaction.

Regards

Daniel Zanders

QlikSupport

1,408 Views
0 Likes
Not applicable
‎2014-09-19 07:09 AM
Author

In response to

Thanks for that - I'll want to access this from an extension...

Do I (can I) just make a POST AJAX request to /qrs/systemrule/security/evaluatetransientresources?

I'm assuming it doesn't take any parameters. 

Thanks,

Shane.

1,408 Views
0 Likes
ErikWetterberg
Master
Master
‎2014-09-24 05:47 AM

I'm not sure this is what you are after, but the getAppList() method in mashups API should only contain apps the user has access to.

Qlik Sense extensions, mashups, integrations and APIs
Blog Extending Qlik
1,408 Views
Joe_Bickley
Employee
Employee
‎2014-09-24 09:44 AM

In response to

Hi Shane.

Depends on your aim, if you call /qrs/app and the request is made as the user itself then the returned apps are only those that the user can see, security rules are applied on API calls too. (this is a QRS API call but the engine call in Eriks post is similar but to a different API).  Getting nothing back would mean access to no apps.  Similarly you can post app ID to the end of the path for a single app.

Or are you trying to gather this data without the users login context? eg to get a list of what users can do to embed in an app or similar?

Joe

1,408 Views
Not applicable
‎2014-09-24 09:56 AM
Author

In response to Joe_Bickley

Hi Joe,

based on what Erik has said, I should be ok.  If the list of apps is restricted based on what the current user can access, then my code has already been written!

Thank you,

Shane.

1,408 Views
0 Likes
Not applicable
‎2014-09-24 09:57 AM
Author

In response to ErikWetterberg

If the response contains only apps the user has access to, I am happy.  It's exactly what I wanted.

Thanks,

Shane.

1,408 Views
0 Likes
Community Browser